Restore topic to revision:
You will be able to review the topic before saving it to a new revision
Copy text and form data to a new topic (no attachments will be copied though).
Name of copy: Allow non WikiWord name You will be able to review the copied topic before savingRename/move topic...
scans links in all public webs(recommended)Rename/move topic...
scans links in CBI_ComputerSecurity web only
Delete topic...
scans links in all public webs(recommended)Delete topic...
scans links in CBI_ComputerSecurity web only

[X] Hide this message. Notice: On June 30, 2016, UMWiki service will be decommissioned. If you have information in UMWIki that needs to be preserved, you should make plans to move it before that date. Google Sites is anticipated to be the most popular and appropriate alternative for users because it offers a more modern and user-friendly interface and unlimited capacity. To learn more about the features of Google Sites and other alternatives, and to identify which one best fits your needs, see the Universitys Website Solution Selection Guide. If you have concerns or would like help regarding this change and your options, please contact Technology Help at help@umn.edu

The Cuckoo's Egg

The Cuckoo's Egg, a 1989 book by computer scientist Clifford Stoll, details his investigation of a computer hacker who had gained unauthorized access to a computer at the Lawrence Berkeley National Laboratory (LBL) in 1986. Stoll's ten-month-long hunt in coordination with various law enforcement agencies led to the capture of German hacker Markus Hess.(1)

In August 1986, Stoll's LBL supervisor asked him to resolve an account disparity of seventy-five cents in the laboratory's computer usage bill. Despite its seeming intractability, Stoll was able to establish that a hacker not only had used nine seconds of unpaid-for computer time but also had gained root access to the system by exploiting a vulnerability in the move-mail function in the GNU Emacs text editor, a function that allowed users to transfer ownership of files to one another and therefore had system-manager privileges. Exploiting this vulnerability allowed the hacker to move files containing unauthorized instructions into the systems area of the computer's memory, in much the same way that a well-executed buffer overflow attack can. Stoll determined, with the help of colleagues, on the hacker's next modem-based attack was able to trace the call back to a call center at MITRE, a defense contractor in Virginia, one of the places that the hacker had gained access to in the United States. Stoll then monitored the hacker as he attempted to gain access to computers at various military bases, searching for information on nuclear weapons and on the Strategic Defense Initiative (the "Star Wars" anti-ballistic missile system). Stoll contacted the FBI, CIA, and NSA, but there was some confusion about whose jurisdiction computer hacking fell under.(2)(3)

Finally, Stoll made an educated guess that the hacker lived in a European time zone based on the timing of his attacks. With the help of several employees at Tymnet, the international communications company, Stoll traced the Hacker to West Germany and got in contact with the West German Deutsche Bundespost (the West German Post Office), who had jurisdiction over the country's communications networks. Stoll and the Bundespost then traced the hacker to a university in Bremen. Stoll then set a trap, placing large files with names that the hacker would find attractive on the LBL computer. When the hacker accessed these files, the Deutsche Bundespost was able to trace him to his home in Hanover, and identify him as Markus Hess. Hess was arrested, and it was revealed that he had been selling things he learned to the Soviet Union. Stoll later flew to West Germany to testify at Hess' trial.(4)(5)

Together with other high profile events such as the Morris Worm (1988), the Cuckoo's Egg incident led the computing community to the conclusion that better organization was needed for dealing with malicious and non-malicious code flaws. One of the results was the formation of the Computer Emergency Response Team (CERT) at Carnegie Mellon University and other such centers that allowed system administrators to exchange information on problems and solutions. The incident also shed light on major jurisdictional issues, particularly when it comes to international cooperation. As hacking methods grow more sophisticated, these problems have remained largely unresolved.(6)

The Cuckoo's Egg was well-reviewed in the popular press and in trade publications. One concern, expressed by Jim Gawn in Computers & Society, was that Stoll on occasion acted unethically in his pursuit of Hess, particularly when he lied to telecommunications companies in order to get information.(7)(8)(9)

The book led to moderate fame for Stoll, who fashioned himself into a technology writer and critic. Stoll wrote two other books, Silicon Snake Oil: Second Thoughts on the Information Highway (1996) and High-Tech Heretic: Reflections of a Computer Contrarian (2000). Silicon Snake Oil expressed Stoll's concerns about the Internet's influence on society and the economy, while High-Tech Heretic contains his reservations about the use of computers in the classroom, questioning whether too many resources are used on computer literacy programs.(10)(11)

Notes

1,2,4: Clifford Stoll, The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage. New York: Doubleday, 1989.